Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Sign In with OpenID
Advertise on LowEndTalk.com

In this Discussion

Dutch government will introduce forced decryption law

Dutch government will introduce forced decryption law

joepie91joepie91 Member
edited November 2012 in General

http://tweakers.net/nieuws/85800/minister-gaat-ontsleutelplicht-invoeren.html

The government in the Netherlands will be introducing a law that forces suspects of a "child porn or terrorism case" to provide the decryption keys for any encrypted data they possess, similar to the decryption law in the United Kingdom.

"Een verdachte die zich zo heeft ingespannen om zijn activiteiten voor de buitenwereld te verhullen, moet rekening houden met de inzet van zwaardere middelen door de overheid om de burgers te beschermen", aldus Opstelten.

Translation:

"A suspect that has gone to such ends to hide his activities to the outside world, should take into account the use of heavier investigation methods by the government to protect civilians", according to Opstelten

Sounds a lot like "you have nothing to fear if you have nothing to hide", doesn't it?

Everyone who still believes "the Netherlands is much more liberal than other countries" after reading this, you're fooling yourself. I fucking told you so.

Appreciate my posts/software/guides? Donate (PayPal/Flattr/Bitcoin): http://cryto.net/~joepie91/donate.html | irc.freenode.net #lowendbox

Comments

  • I never expected this law to actually go through, how many years until this law is for every citizen...

  • Oh boy.. this just gets worse.

    - Ishaq
  • For a second there I thought you said "child porn terrorism case." In which event I was about to say that's a person I want to meet...the one using child porn for terrorism.

    Still though...they'll have to wait until it comes out the other end after you swallow the paper.

  • Well, at least they are not banning encryption entirely, as some other countries. Or maybe that's the next thing they will do, who knows.

  • @rds100 said: Well, at least they are not banning encryption entirely, as some other countries.

    Eh, that is effectively exactly what they are doing. "You can encrypt things, until we want to see what's inside."

    Appreciate my posts/software/guides? Donate (PayPal/Flattr/Bitcoin): http://cryto.net/~joepie91/donate.html | irc.freenode.net #lowendbox

  • MaouniqueMaounique Member
    edited November 2012

    @rds100 said: Well, at least they are not banning encryption entirely,

    That's a false argument, nothing stops the prosecutor to ask you the key by adding a charge of terrorism or CP, it costs nothing, after all, everyone who uses encryption does so to hide his CP collection and bomb blueprints, no honest citizen would do that. If the unencrypted material has no CP or terrorism files, they can be added, nobody will come out to protect a child molester or terrorist, so nobody will really look intot he sickening evidence, after all, looking at it will grant them jail terms. Welcome to the future.

    Who's General Failure, and why is he reading my drive A: ?

  • Interesting, what key could you provide for the SSH session you had with a server or the https webpage you accessed? Giving the encryption key for some stored encrypted data is one thing, not allowing you to use secure communication at all is another. Ask @Asim

  • @rds100 said: Interesting, what key could you provide for the SSH session you had with a server

    Your private key.

    @rds100 said: or the https webpage you accessed?

    It would be practically impossible to outlaw SSL as well, due to ebanking.

    Appreciate my posts/software/guides? Donate (PayPal/Flattr/Bitcoin): http://cryto.net/~joepie91/donate.html | irc.freenode.net #lowendbox

  • @joepie91 said: Your private key.

    Which one? The ssh client doesn't need a private key to be able to connect to a server.

    And about banning SSL - i don't know, i think some countries already tried to do it - namely i remember seeing an article about Pakistan. Maybe Iran too.

  • @joepie91 said: "You can encrypt things, until we want to see what's inside."

    It will ultimately lead into this, starting with things nobody could defend, like terrorism and cp that is. This "you have nothing to fear if you have nothing to hide" attitude is just bullshit. What saddens me is how some people in here, LET, do not realize this despite being "internet experts" as in working in internet related jobs. Especially with this TOR thing and all.

    I appreciate your posts joepie91, you seem to have a good grasp on things regarding privacy and censorship.

    Young sysadmin [Why vpsBoard?]

  • @fisle said: @joepie91 said: "You can encrypt things, until we want to see what's inside."

    In some countries the law system will need tobe changed so forced confessions to be allowed. This kind of attack has been rejected in courts as revealing the key will be providing self-incriminating evidence, even if the police would be right about the acusations. Torture, be it physical of psychological could be applied and "confessions" will be admissible, after all, it is allowed in Iran and Israel, why wouldnt christians do the same to protect their faith ?

    Who's General Failure, and why is he reading my drive A: ?

  • JarJar Member
    edited November 2012

    @Maounique said: why wouldnt christians do the same to protect their faith ?

    @jarland said: Take your anti-religion hate speech propaganda elsewhere.

    You're rivaling Dewlance & Randy.

  • vedranvedran Moderator

    @joepie91 said: forces suspects of a "child porn or terrorism case" to provide the decryption keys for any encrypted data they possess

    Or else?

    I mean, if you're accused of child pornography or terrorism and evidence is encrypted, I'd say a penalty for saying "I lost the keys" would be significantly less than giving them the evidence.

    This will hurt everyone except those who are supposedly targeted with this law.

  • @vedran said: Or else?

    I mean, if you're accused of child pornography or terrorism and evidence is encrypted, I'd say a penalty for saying "I lost the keys" would be significantly less than giving them the evidence.

    This will hurt everyone except those who are supposedly targeted with this law.

    Exactly.

    Appreciate my posts/software/guides? Donate (PayPal/Flattr/Bitcoin): http://cryto.net/~joepie91/donate.html | irc.freenode.net #lowendbox

  • @joepie91 said: Eh, that is effectively exactly what they are doing. "You can encrypt things, until we want to see what's inside."

    Not quite, plus the closest penalty (related to refusal of a government order) is at 3 months; knowing Dutch law I'd say "much more severe" works out to 6 months (apparently refusal of the encryption keys would be "more severe" in the eyes of the law).

    Also:

    http://www.truecrypt.org/docs/?s=plausible-deniability

    You can give them a password.

    Regardless of that, from other news sources it seems they need to be able to reasonably build a case without the encrypted data, before they can even get the required authorization to ask for the keys.

    Qenox Networks Inc. - KVM based VPS
  • @qenox said: Regardless of that, from other news sources it seems they need to be able to reasonably build a case without the encrypted data, before they can even get the required authorization to ask for the keys.

    Indeed, and even if they ave the case, the argument will fall flat in court because you cannot be forced to give self-incriminating evidence.

    Who's General Failure, and why is he reading my drive A: ?

  • @joepie91 said: the Netherlands will be introducing a law

    So it has not been passed?

    Hostigation High Resource Hosting - SolusVM OpenVZ/KVM VPS
  • @rds100 said: Giving the encryption key for some stored encrypted data is one thing, not allowing you to use secure communication at all is another. Ask @Asim

    100% true

  • qenoxqenox Member
    edited November 2012

    @miTgiB said: So it has not been passed?

    http://www.rijksoverheid.nl/nieuws/2012/11/28/nieuwe-maatregel-in-strijd-tegen-kinderpornografie.html

    No, in early 2013 the minister will make a proposal; that has to go through two levels of government before it becomes a law. It may not make it.

    That said, it appears to be specific in scope to child porn and terrorism.

    Qenox Networks Inc. - KVM based VPS
  • @qenox said: Not quite, plus the closest penalty (related to refusal of a government order) is at 3 months; knowing Dutch law I'd say "much more severe" works out to 6 months (apparently refusal of the encryption keys would be "more severe" in the eyes of the law).

    Which means it will make encryption scary for everyone that isn't doing something wrong, and not giving up an encryption key will be laughable for anyone that is doing something wrong. Doesn't look like the desired result. At least, not what most people would desire.

    @qenox said: You can give them a password.

    Yes, until a method is found to identify a hidden volume.

    @qenox said: Regardless of that, from other news sources it seems they need to be able to reasonably build a case without the encrypted data, before they can even get the required authorization to ask for the keys.

    Of course, and we all know how careful the Dutch government is in giving out warrants and such... right?

    @qenox said: No, in early 2013 the minister will make a proposal; that has to go through two levels of government before it becomes a law. It may not make it.

    Knowing the Netherlands - and I mean both the political climate and the people living here - it's very likely to pass. For the past few years, many absolutely horrible laws have passed without as much as a squeak from anyone. Dutch people are exceptionally good at pretending there is no problem, because they don't like having to deal with the consequences.

    @qenox said: That said, it appears to be specific in scope to child porn and terrorism.

    So it's "specific" in scope to one thing that makes everyones mind go into an irrationality lock, and one thing that is so broad and undefined it can mean anything anti-government. What could possibly go wrong?

    Appreciate my posts/software/guides? Donate (PayPal/Flattr/Bitcoin): http://cryto.net/~joepie91/donate.html | irc.freenode.net #lowendbox

  • @Maounique said: Torture, be it physical of psychological could be applied and "confessions" will be admissible, after all, it is allowed in Iran and Israel, why wouldnt christians do the same to protect their faith ?

    Would you please rephrase whatever point you're trying to make?

    RamNode: High Performance SSD and SSD-Cached VPS
    New York - Atlanta - Seattle - Netherlands - IPv6 - DDoS Protection - AS3842
  • @qenox said: That said, it appears to be specific in scope to child porn and terrorism.

    And what is the law on self-incrimination there? Is it a protected right as in the US? If so, even if it manages to pass, will be tossed upon review of the courts.

    Hostigation High Resource Hosting - SolusVM OpenVZ/KVM VPS
  • JarJar Member
    edited November 2012

    @Nick_A His point is that he hates Christians. I know, it's odd that LET is his venue of choice.

  • @jarland said: @Nick_A His point is that he hates Christians.

    I certainly read a negative connotation in there but I don't understand where he's connecting Iranian torture to Christians protecting their faith.

    RamNode: High Performance SSD and SSD-Cached VPS
    New York - Atlanta - Seattle - Netherlands - IPv6 - DDoS Protection - AS3842
  • @Maounique said: why wouldnt christians do the same to protect their faith ?

    God ain't real, that's why.

  • @miTgiB said: And what is the law on self-incrimination there?

    Yes, hence the reason why any decent lawyer would be able to make mince meat out of that proposed law...

    Qenox Networks Inc. - KVM based VPS
  • Whether decryption can be forced is wending its way through various US cases even as we speak...

    http://en.wikipedia.org/wiki/Key_disclosure_law#United_States

    My Advice: : VPS Advice
  • @miTgiB said: And what is the law on self-incrimination there? Is it a protected right as in the US? If so, even if it manages to pass, will be tossed upon review of the courts.

    It is, yes. The problem is that this wouldn't be the first time a law is pushed anyway, regardless of what our constitution says (yes, we do have one).

    Appreciate my posts/software/guides? Donate (PayPal/Flattr/Bitcoin): http://cryto.net/~joepie91/donate.html | irc.freenode.net #lowendbox

  • @joepie91 said:
    Which means it will make encryption scary for everyone that isn't doing something wrong, and not giving up an encryption key will be laughable for anyone that is doing something wrong. Doesn't look like the desired result. At least, not what most people would desire.

    Those who use encryption are not your average users; those who do use, e.g. truecrypt, have some idea of what it entails and the status, etc.

    You missed the point though where they have to be able to make a reasonable case without the encrypted data. Ie. they already, legally, know you are breaking the law; they are looking for more details.

    I'm not arguing for the proposal, but the sky isn't falling either.

    Yes, until a method is found to identify a hidden volume.

    Read the link, it's highly unlikely; that's the key point to plausible deniability.

    Of course, and we all know how careful the Dutch government is in giving out warrants and such... right?

    If they can already build a case without it, then does that not mean it passed some independent measure? (of course it does).

    Knowing the Netherlands - and I mean both the political climate and the people living here - it's very likely to pass. For the past few years, many absolutely horrible laws have passed without as much as a squeak from anyone. Dutch people are exceptionally good at pretending there is no problem, because they don't like having to deal with the consequences.

    Don't look at the Netherlands in a vacuum though; similar laws have passed elsewhere. Besides, bad laws get passed all the time, there's a process to repeal them.

    So it's "specific" in scope to one thing that makes everyones mind go into an irrationality lock, and one thing that is so broad and undefined it can mean anything anti-government. What could possibly go wrong?

    Again, the key point is that they have to be able to legally proof you broke the law before they can even request access.

    Again, the sky isn't falling; it's not a law yet. Nothing wrong with being aware, but it's not the end of the world and I doubt it will pass.

    That said, what's worse in my opinion is what's happening outside of proper controls, e.g. the dutch electronic patient files are being developed by a US company. Why's that a problem you ask? US corporations are subject to US law... which means the patriot act, which just means you gave permission for US government entities to access those files without notification.

    Is it going to happen? Perhaps.

    Qenox Networks Inc. - KVM based VPS
  • mpkossenmpkossen Administrator
    edited November 2012

    @miTgiB said: And what is the law on self-incrimination there? Is it a protected right as in the US? If so, even if it manages to pass, will be tossed upon review of the courts.

    It hasn't passed yet and probably won't, since it conflicts with the right to protect yourself against self-incrimination. That is a protected right here, just as in the US. It's probably just a political move to gain popularity. Opstelten's party lost a lost of support after last elections.

    @joepie91 said: @qenox said: No, in early 2013 the minister will make a proposal; that has to go through two levels of government before it becomes a law. It may not make it.

    Knowing the Netherlands - and I mean both the political climate and the people living here - it's very likely to pass. For the past few years, many absolutely horrible laws have passed without as much as a squeak from anyone. Dutch people are exceptionally good at pretending there is no problem, because they don't like having to deal with the consequences.

    The current government (the majority of "The Second Chamber") doesn't have a majority in the upper level ("The First Chamber"), so it's always tricky.

    I recommend Prometeus and Vultr! | Follow @LowEndNetwork on Twitter and win a dedi!
    Check out my blog at mpkossen.com

  • @qenox said: Those who use encryption are not your average users; those who do use, e.g. truecrypt, have some idea of what it entails and the status, etc.

    Sure, exactly like it was in for example Tunisia. Until suddenly, a large part of the population could benefit from encryption to protect themselves and their families. Looking at any kind of weapons (including defensive electronic 'weapons' like disk encryption) in terms of what the situation is like right now, is incredibly naive. The whole point of leaving a possibility for people to protect themselves, is to prepare for the moment it does go wrong. At that point, it's too late to 'repeal' that law.

    @qenox said: You missed the point though where they have to be able to make a reasonable case without the encrypted data. Ie.

    And as I already implied, the Dutch government is very known for not being so strict in giving out permission for "additional investigative measures".

    @qenox said: Read the link, it's highly unlikely; that's the key point to plausible deniability.

    The whole point of a bug is that it's unlikely and unexpected.

    @qenox said: If they can already build a case without it,

    Then they don't need the encrypted data either, right?

    @qenox said: Don't look at the Netherlands in a vacuum though; similar laws have passed elsewhere.

    This law proposal applies to the Netherlands as if it were a vacuum, so I will treat it as one.

    @qenox said: Besides, bad laws get passed all the time, there's a process to repeal them.

    Sure, let me know how that goes for you. Especially with the extreme degree of "learned helplessness" that's going around in NL.

    @qenox said: Again, the sky isn't falling; it's not a law yet. Nothing wrong with being aware, but it's not the end of the world and I doubt it will pass.

    Ah, right, sounds like what people said for the last gazillion bad laws that were passed. How often does it have to go wrong before you realize that even the idea to introduce something like this is already a problem?

    Appreciate my posts/software/guides? Donate (PayPal/Flattr/Bitcoin): http://cryto.net/~joepie91/donate.html | irc.freenode.net #lowendbox

  • qenoxqenox Member
    edited November 2012

    Looking at any kind of weapons (including defensive electronic 'weapons' like disk encryption) in terms of what the situation is like right now, is incredibly naive. The whole point of leaving a possibility for people to protect themselves, is to prepare for the moment it does go wrong. At that point, it's too late to 'repeal' that law.

    Government in The Netherlands and Tunesia couldn't be much different.

    You can't predict the future and all you can do when it comes to laws is look at the past and current situation and make the best decision. And if the wrong one is made, then there's a process to repeal a law.

    There's no suggestion to make encryption illegal, as you imply, but the suggestion is to make it possible to put pressure on those (in the form of a jail sentence) for those who are already, legally, known to have broken the law.

    I'm not even in favor of this law, but this "the sky is falling" attitude isn't quite helpful either.

    You do realize current laws would allow for a 3 month sentence if you refused to hand over the keys. This proposal (most likely) will increase it to 6-9 months for two specific cases and clarify the "rules".

    And as I already implied, the Dutch government is very known for not being so strict in giving out permission for "additional investigative measures".

    It's much more restrictive than you suggest.

    Then they don't need the encrypted data either, right?

    They don't, but the suggestion is that if the data contains info about crimes ongoing (e.g. child abuse), would you not want to have the option to put pressure on the suspect to get this data? Or would you just say "ah, well".

    This law proposal applies to the Netherlands as if it were a vacuum, so I will treat it as one.

    No country in the EU operates in a vacuum; with that opinion you're no different than the people proposing this actual law (eyes closed, ears covered).

    Sure, let me know how that goes for you. Especially with the extreme degree of "learned helplessness" that's going around in NL.

    Laws get repealed all the time; hang out with a few law students and ask them to point you to the right direction.

    Ah, right, sounds like what people said for the last gazillion bad laws that were passed. How often does it have to go wrong before you realize that even the idea to introduce something like this is already a problem?

    Then what do you suggest? You don't think it's reasonable for law enforcement to have something (i.e. the possibility of jail time) to obtain this information? Dutch people complain that the judicial and policing system does nothing and is toothless, but you're not really willing to give them any options either.

    Also, the current government is your democratically elected government; if you don't like the direction they are going, then vote them out the next time around. And please don't Godwin this argument now about that other democratically elected leader.

    Again, I'm not in favor of this proposal, but I still don't see any reasonable counter proposal.. and no, encryption isn't going to become illegal.

    Laws are fluid, they change all the time; the fact that it may not be noticable to you or not in your lifetime, that means nothing. Societies are fluid.

    Qenox Networks Inc. - KVM based VPS
  • @joepie91 said: before you realize that even the idea to introduce something like this is already a problem?

    Read that again; who are you to say this isn't a good law proposal? People do have different opinions and discussion is part of that (just like the process of ascension from proposal to law).

    I think it's a proposal that is legally and technically flawed, but making the proposal isn't "a problem", that's how our system of rule and law works...

    Qenox Networks Inc. - KVM based VPS
  • MaouniqueMaounique Member
    edited November 2012

    @jarland said: His point is that he hates Christians. I know, it's odd that LET is his venue of choice.

    I dont hate any specific group of ppl, I hate religion in it's political form, i.e. organized religion, state religion, be it Judaism, Christianity, Muslim, Shinto, Animism, whatever is trying to force the view of that specific dogma on everyone else by making laws about it. In my view, forcing women to wear veils or to give birth is similar and stems from the same views inspired from books,as well as restricting rights for large categories of citizens, be them women, gays, other religion ppl under various pretexts, from debauchery to prozelitism. The state and religion should be apart, yet they are fighting a common enemy, and that is the freedom of speech. When we have religion in school (when we declare that the kids are not able to make their own decisions themselves), when doctrines like creationism and global warming being a normal natural phenomenon are taught and even imposed on ppl, when to be able to have a job you must hide your religion or sexual orientation, not only in government and school jobs, but in general, almost, then there is a big problem and the church is the main driving force in this offensive. That is why I dont like it, because it tries to impose on MY thoughts, on MY beliefs, on MY life, when I am not harming anyone so the state should have no business spying on me.

    Who's General Failure, and why is he reading my drive A: ?

  • JarJar Member
    edited November 2012

    @Maounique So you needed to express how you think Christians might violently harm people to protect their beliefs in a discussion about... the legality of encryption?

    Bravo sir, you are a master at ignoring the real issue. The real issue is that you cannot separate the hosting industry from your personal opinions. Your personal opinions, as stated in other posts that were far less detailed and read more as brief attacks and bursts of bitterness, are irrelevant here.

    I find your statements insulting, offensive, and "needless" shouldn't even have to be stated. Just look at the website and thread titles. Can you tell me what your freedom of speech is accomplishing by offending me today? The best way to lose it is to use it as a weapon.

  • MaouniqueMaounique Member
    edited November 2012

    As I said before, but you probably havent bothered to read, this is highly related to encryption since trolls like you are bringing into the light the old argument, no honest citizen will ever need to encrypt anything and privacy is a pretext to hide illegal activities. I think I explained why privacy is needed, and why ppl need to hide from religious freaks that try and succeed to use the state in trying to impose their dogma on everyone. Other than that, you are entitled to your opinion about me. I will try to give you a voice when everyone would try to silence you, your religion will not rule forever, at least not the present religion, one day the atheists or muslims might be in power, like the communists were and are, when they will try to silence you and mock the whatever god you have, you will find me on your side, facing the other trolls from the other side.

    Who's General Failure, and why is he reading my drive A: ?

  • @joepie91

    Next we do: not STORING evidence, as in logs

  • @joepie91 said: It is, yes. The problem is that this wouldn't be the first time a law is pushed anyway, regardless of what our constitution says (yes, we do have one).

    Sounds like the Netherlands is turning into the US (Patriot Act)

    This signature is brought to you by the NSA. Spying on the entire world since 1952!

  • Yes, they are experiencing a rise of the extreme right lately.

    Who's General Failure, and why is he reading my drive A: ?

  • It's funny how politicians these days have been aiming left, right and center at the interwebs...controlling information on the internet, monitoring IP's, the great firewall, etc...it's been a point of contention that will only get more heated as days go by I guess...good luck to us all.

    Bayanihan.net - Create Your Domain and Hosting Reseller Business Today!

  • @Paul said: controlling information

    It is the greatest threat to their power

    Hostigation High Resource Hosting - SolusVM OpenVZ/KVM VPS
  • MaouniqueMaounique Member
    edited November 2012

    @miTgiB said: It is the greatest threat to their power

    governments fear the word today more than the gun. The fight will be over the internet, if we fail there, then it will be bad for everyone, because blood will flow.

    Who's General Failure, and why is he reading my drive A: ?

  • @TheHackBox said: Sounds like the Netherlands is turning into the US (Patriot Act)

    Not even close despite what some say.

    Qenox Networks Inc. - KVM based VPS
Sign In or Register to comment.